Sony Pictures website hacked, 1 million accounts compromised

By on June 2, 2011 at 6:30 PM.

Sony Pictures website hacked, 1 million accounts compromised

Hackers from a group called LulzSec announced on Thursday that they had breached sonypictures.com, the website belonging to Sony-owned studio Sony Pictures. The group claims to have compromised personal information belonging to over 1 million users, including user names, passwords, home addresses, dates of birth and other sensitive data. The group also claims to have accessed 75,000 “music codes” and 3.5 million “music coupons.” LulzSec says it employed a simple SQL injection technique to access the data, and that Sony Pictures’ site was not secure and was therefore easy to breach. The hackers did not have the resources to download all of the exposed data, but they say they did obtain samples in order to prove the authenticity of the attack. LulzSec’s statement on the breach is after the break. More →

23 Comments

Chinese government denies hacking Google

By on June 2, 2011 at 1:05 PM.

Chinese government denies hacking Google

On Wednesday hackers based in China broke into hundreds of Gmail accounts, including those of journalists, Chinese political activists, U.S. government officials, and government employees from South Korea. Given the aforementioned targets and recent revelations that China has a branch of its military focused on cyber activities, it may seem like China’s government had a role in the attack. On Thursday, however, China denied any involvement in the the breach, according to The Wall Street Journal. Hong Lei, a spokesman for the Chinese government, said that the accusations were “unacceptable” and that any allegation suggesting that “the Chinese government supports hacking activity is entirely a fabrication.” More →

15 Comments

Sony PlayStation Network to be fully restored by this weekend in most regions

By on May 31, 2011 at 10:03 AM.

Sony PlayStation Network to be fully restored by this weekend in most regions

Sony on Tuesday stated that services associated with its PlayStation Network will be fully restored by the end of this week in all regions outside Japan, Hong Kong, and South Korea. Sony also said it would fully restore the Music Unlimited services tied to its Qriocity streaming music offering for the PlayStation 3, PSP and PCs. “We have been conducting additional testing and further security verification of our commerce functions in order to bring the PlayStation Network completely back online so that our fans can again enjoy the first class entertainment experience they have come to love,” said Kazuo Hirai, Sony’s Executive Deputy President, in a statement. “We appreciate the patience and support shown during this time.” Sony recently suffered a series of cyberattacks across various networks that exposed personal data belonging to over 100 million of the company’s customers. Sony is currently working with the FBI to identify the parties responsible for breaching its various digital networks. Hit the break for Sony’s full press release. More →

8 Comments

Sony now offering free identity theft protection to PSN and Qriocity customers

By on May 26, 2011 at 8:39 PM.

Sony now offering free identity theft protection to PSN and Qriocity customers

Sony has made good on its promise to offer free identity theft protection to customers whose private information was stolen during a major security breach of its PSN and Qriocity networks. If your account was compromised, you just have to provide the email address that was used to register for Qriocity or PSN, and Sony will provide a free activation code for AllClear ID Plus within 72 hours. AllClear ID Plus will offer free ID theft alerts and will help Sony’s customers get in touch with fraud investigators, should the need arise. More →

7 Comments

Sony cyberattacks spill over to Sony Ericsson

By on May 25, 2011 at 2:43 PM.

Sony cyberattacks spill over to Sony Ericsson

Sony continues to be targeted in a series of cyberattacks that have resulted in the theft of personal information belonging to over 100 million Sony customers. Following breaches of the company’s PlayStation Network, Sony Online Entertainment, So-net Entertainment and most recently, the Sony’s Greek website, hackers have breached a database associated with Sony Ericsson’s Canadian online shop. Personal data including names, email addresses and passwords belonging to more than 2,000 customers was compromised, but Sony said no credit card numbers were stolen. A Lebanese hacking group called Idahca claimed responsibility for the attack, and it said the information obtained has been leaked on Facebook and Twitter. It is unclear if this latest attack is tied in any way to previous attacks on Sony’s various digital properties. More →

22 Comments

Sony suffers another cyberattack

By on May 24, 2011 at 9:00 AM.

Sony suffers another cyberattack

Sony’s ongoing battle with cyberattacks has already left the personal data of over 100 million customers exposed, and now the company has fallen victim to yet another attack. Details are slim for the time being, but Reuters cites a report from Jiji news service in stating that roughly 8,500 people across three countries have been affected by this latest breach. Their personal information has been leaked as a result of an attack on Sony’s Greek website on Tuesday, though it is unclear exactly what data the hackers gained access to. Sony has not yet confirmed the attacks, but its Greek website, sony.gr, was back online at the time of this writing. More →

26 Comments

Sony to post $3.2 billion annual loss

By on May 24, 2011 at 2:19 AM.

Sony to post $3.2 billion annual loss

Sony Chief Financial Officer Masaru Kato announced to the press on Monday that the company expects to post an annual loss of $3.2 billion for its fiscal year ending in March 2011 — the second largest loss in company history. The news comes as yet another blow for the Japanese consumer electronics giant, whose online networks have been the target of a series of cyberattacks that impacted more than 100 million customers. Sony had previously expected to post a profit this year, however the company had to write off $4.4 billion for a tax credit from a previous quarter. A series of earthquakes that rocked Japan earlier this year had a negative impact on the company as well, slowing production and destroying factories. The affect of the quakes carried over to the company’s first quarter, Kato told the press, but Sony is still optimistic about 2011/2012. For the fiscal year ending in March 2012, Sony expects to post an operating profit of 200 billion yen, or $2.45 billion at today’s exchange rate. More →

8 Comments

Sony security slump continues, subsidiary So-net Entertainment hacked

By on May 20, 2011 at 3:31 PM.

Sony security slump continues, subsidiary So-net Entertainment hacked

The Wall Street Journal is reporting that hackers have accessed the customer accounts of Sony subsidiary So-net Entertainment Corp, an ISP, and have stolen about $1,225 worth of redeemable gift points. The news comes just weeks after Sony’s massive security breach, during which private information and 12.3 million credit card numbers were stolen from more than 100 million Sony’s Qriocity and PlayStation Network users. Sony said the So-net hacker tried to break into its systems more than 10,000 times before he or she was able to successfully log-in. The intruder was able to access 201 accounts, and he or she stole the redeemable points from 128 customers. “Although we can’t completely rule out the possibility that there is a connection with the PSN issue, the likelihood is low,” said So-net Entertainment spokesperson Keisuke Watabe, noting that the style of attack was different. So-net does not believe that personal information was taken during the break-in. More →

16 Comments

Sony execs: We’re still investigating privacy breach, putting new security system in place

By on May 17, 2011 at 6:39 PM.

Sony execs: We’re still investigating privacy breach, putting new security system in place

Speaking to The New York Times in an interview on Tuesday, Sony’s CEO Howard Stringer discussed the company’s recent security breach, and what his firm is doing to make sure such a large scale attack doesn’t happen again. Stringer argued that Sony reported the breach quickly, despite waiting nearly a week to notify its customers that hackers had stolen personal information, including credit card numbers. “We still have a lot of investigation to do to find out how this happened, but we’re not there yet,” Stringer explained. Sony’s corporate executive officer and executive vice president, Kazuo Hirai, said also noted that Sony is working to examine security on “every level of the company … from televisions to eBooks, and onwards.” Sony will create new security positions within the company, and the security employees with be tasked with setting up a “system to avoid this type of event again — putting a new system in place,” Hirai explained. Sony began restoring its PlayStation Network services in the United States last weekend after issuing a firmware update for the PlayStation 3. More →

5 Comments

Sony begins restoring PSN services

By on May 16, 2011 at 9:30 AM.

Sony begins restoring PSN services

Sony has announced that it’s starting to bring its services back online after a major security breach leaked the credit card data and personal information of over a hundred million users. The first step for Sony’s PlayStation Network members is a firmware update that’s been issued for the PlayStation 3. After applying the patch, PS3 users will be prompted to change their PSN passwords. “Please note that these services will take a bit of time to be turned on and rolled out to the whole country,” the company said in a blog post Saturday. “The process has begun and some states are being turned on now, so please be patient as we reach your city and state.” More →

13 Comments

Facebook apps accidentally leak personal data, Symantec says

By on May 11, 2011 at 5:22 PM.

Facebook apps accidentally leak personal data, Symantec says

According to security firm Symantec, some advertisers on Facebook may have had access to your person profile, photographs and chats thanks to a security leak that was enabled by close to 100,000 Facebook applications. Thankfully, Symantec doesn’t think the advertisers ever knew that they had access to the personal data, and Facebook has already “taken corrective action to help eliminate this issue.” Symantec said that Facebook IFRAME applications were leaking “access tokens” — think of them as “spare keys” — that are granted to Facebook applications. While Facebook now uses OAUTH2.0 for authenticating users, hundreds of thousands of older applications still use a different authentication method. “There’s no good way to estimate how many access tokens have already been leaked since the release of Facebook applications back in 2007,” the report said, but Symantec thinks some may still be available through log files in third-party servers. Symantec advises Facebook users to change their passwords to invalidate those floating access tokens. More →

19 Comments

Sony: ‘At least a few more days’ before PSN service restored

By on May 10, 2011 at 11:40 PM.

Sony: ‘At least a few more days’ before PSN service restored

On its PlayStation Network blog today, Sony gave an official statement on when the PlayStation Network will be back online. The short answer is “at least a few more days.” Sony has also promised that both Qriocity and PSN should be available by May 31, however, so it could take a bit longer, too. Both networks went down after Sony suffered a massive security breach during which hackers stole 12.3 million credit card numbers and compromised personal data from 101 million accounts. “I know you all want to know exactly when the services will be restored,” Sr. Director, Corporate Communications & Social Media Patrick Seybold wrote on Sony’s PSN blog. “At this time, I can’t give you an exact date, as it will likely be at least a few more days. We’re terribly sorry for the inconvenience and appreciate your patience as we work through this process.” More →

23 Comments

Capcom exec says Sony breach cost his company ‘hundreds of thousands, if not millions’ of dollars

By on May 10, 2011 at 10:50 AM.

Capcom exec says Sony breach cost his company ‘hundreds of thousands, if not millions’ of dollars

Capcom senior vice president Christian Svensson has voiced his opinion over the Sony’s massive security breach on the Capcom forums. “As an executive responsible for running a business, the resulting outage [is] obviously costing us hundreds of thousands, if not millions of dollars in revenue that were planned for within our budget,” Svensson said in a public forum response. “These are funds we rely on to bring new games to market for our fans.” Capcom has a storefront that offers users the option to purchase extra game content on the PlayStation Network. Svenesson clarified in another post and added that he — and perhaps Capcom, too — is more frustrated with the hackers than with Sony, which he views as the victim. More →

23 Comments